Huawei switch configuration telnet and SSH login device (simple utility edition)

Telnet is the standard protocol and primary way for Internet remote login services. It provides users with the ability to perform remote host work on the local computer. Use the Telnet program on the end user's computer to connect to the server. End users can enter commands in the Telnet program that run on the server as if they were entered directly on the server's console. The server can be controlled locally. To start a telnet session, you must enter a user name and password to log on to the server. Telnet is a common method of remote control Web server, which greatly improves the flexibility of user operation.

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M00/8E/5E/wKioL1i-q-2BBwCQAABYXEKrqWU464.png-wh_500x0-wm_ 3-wmp_4-s_2653197052.png "title=" Tim20170307204722.png "alt=" Wkiol1i-q-2bbwcqaabyxekrqwu464.png-wh_50 "/>

Test topology diagram

Configure telnet:

1.1 General Authentication Login

LSW1 Configuration:

[huawei]user-interface vty 0 1 # Set VTY virtual channel, maximum number of connections allowed

[huawei-ui-vty0-1]authentication-mode Password # set authentication mode to password

[huawei-ui-vty0-1]set Authentication password Cipherhuawei # set the password to Huawei

[Huawei-ui-vty0-1]user Privilege Level 3 # after the user logs on, the level is 3 , on behalf of the management level

LSW2 Test:

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M02/8E/5E/wKioL1i-rJPRss-LAADBt15Mjuc527.png-wh_500x0-wm_ 3-wmp_4-s_1707771927.png "title=" Tim20170307205016.png "alt=" Wkiol1i-rjprss-laadbt15mjuc527.png-wh_50 "/>

1.2AAA Authentication Login

LSW1 Configuration:

[LSW1]AAA

[lsw1-aaa]local-user admin Password cipher adminprivilege level 3

[Lsw1-aaa]local-user admin Service-type telnet

[Lsw1]user-interface vty 0 1

[Lsw1-ui-vty0-1]authentication-mode AAA

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M02/8E/5E/wKioL1i-rQzAf_kFAAEER7cMwIY782.png-wh_500x0-wm_ 3-wmp_4-s_552807017.png "title=" Tim20170307205214.png "alt=" Wkiol1i-rqzaf_kfaaeer7cmwiy782.png-wh_50 "/>

Configuration SSH:

because telnet lacks the security authentication method, and the transmission process uses the TCP plaintext transmission, there is a large risk. Easily lead to malicious attacks such as IP address spoofing. Now many IT ops people have abandoned the simple telnet management.

SSH(secure Shell) is a network security protocol that encrypts network data to provide secure remote logins and other network services in an insecure environment. SSH Data encrypted transmission, authentication mechanism is more secure, and can replace telnet, has now been widely used.

because SSH users use the Password method to verify that the local RSA key is generated on the SSH server side , so generating the local RSA key is complete after ssh The first operation of the login configuration is as follows:

650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M00/8E/60/wKiom1i-rWygZuNMAAE0KM3PeL4618.png-wh_500x0-wm_ 3-wmp_4-s_943593570.png "title=" Tim20170307205352.png "alt=" Wkiom1i-rwygzunmaae0km3pel4618.png-wh_50 "/>

[Lsw1]user-interface vty 4

[Lsw1-ui-vty4]authentication-mode AAA # the user authentication method is AAA

[Lsw1-ui-vty4]protocol Inbound SSH # Set VTY only support SSH protocol, automatic Prohibition telnet function

[LSW1]AAA

[lsw1-aaa]local-user Huawei Password cipher Huawei # New user name password

[Lsw1-aaa]local-user Huawei Privilege Level3 # User Privilege Level

[lsw1]ssh user Huawei Authentication-typepassword # Authentication Type

[lsw1]local-user Huawei Service-type stelnet #stelnet that SSH

[lsw1]stelnet Server Enable # Open SSH Service

Info:succeeded in starting the Stelnet server.

650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M01/8E/60/wKiom1i-rbSh79oJAAEPk5A38_o613.png-wh_500x0-wm_ 3-wmp_4-s_428701895.png "title=" Tim20170307205504.png "alt=" Wkiom1i-rbsh79ojaaepk5a38_o613.png-wh_50 "/>

Test OK!

This article is from "Li Fulin's personal blog" blog, make sure to keep this source http://lifulin.blog.51cto.com/6904692/1904104

Huawei switch configuration telnet and SSH login device (simple utility edition)